Get-Eventlog - PowerShell 1.0 Cmdlet
Microsoft Windows PowerShell is a command-line shell and scripting tool based on the Microsoft .NET Framework. It is designed for system administrators, engineers and developers to control and automate the administration of Windows and applications.
More than a hundred command-line tools (so-called "cmdlets") can be used to perform system administration tasks and to work with Windows Management Instrumentation (WMI). These cmdlets are easy to use, with standard naming conventions and common parameters, and standard tools for piping, sorting, filtering, and formatting data and objects.
Get-Eventlog
Description
    Get eventlog data

Usage

Options
    -logName string
        Name of the log file from which to get log events.
    -list
        Return a list of the log files available.
    -asString
        Send the output as a string, instead of object(s).
    -newest
        Gets the newest 'n' event log entries, where 'n' represents a numerical value for the newest entries in the eventlog.
    CommonParameters:
        -Verbose, -Debug, -ErrorAction, -ErrorVariable, -OutVariable.

Example(s)
    Display the 50 most recent entries in the Application event log:

        PS C:\>get-eventlog -newest 50 -logname application

    Get the 100 most recent entries from the System event log and store them in $MyEvents. Then pipe the results to group-object to group them by event ID:

        PS C:\>$MyEvents = get-eventlog -logname system -newest 100
        PS C:\>$MyEvents | group-object eventid

    Write a new message to the Application eventlog:

        PS C:\>$log = Get-EventLog -List | Where-Object { $_.Log -eq "Application" }
        PS C:\>$log.Source = "Test"
        PS C:\>$log.WriteEntry("Test message")
        PS C:\>Get-EventLog Application -Newest 1 | Select Message
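
The following is an added example, not part of the original reference: it combines the -list, -logName and -newest options described above into a quick triage summary of which sources and event IDs produce the most Error and Warning entries. The function name Get-RecentEventSummary and its parameters are assumptions made for this example.

```powershell
# Added example. Get-RecentEventSummary and its parameters are hypothetical
# names chosen for this illustration; they are not part of PowerShell.
function Get-RecentEventSummary {
    param(
        [string[]] $LogName = @("Application", "System"),
        [int] $Newest = 200
    )

    # -list returns one object per event log; the Log property holds its name.
    $available = Get-EventLog -List | ForEach-Object { $_.Log }

    foreach ($name in $LogName) {
        # Skip names that do not exist on this computer instead of failing.
        if ($available -notcontains $name) {
            Write-Warning "Event log '$name' was not found; skipping it."
            continue
        }

        # @() keeps the result an array even when zero or one entry comes back.
        $entries = @(Get-EventLog -LogName $name -Newest $Newest)

        # Keep only Error and Warning entries, count them per Source and
        # EventID pair, and report the ten most frequent pairs for this log.
        $entries |
            Where-Object { $_.EntryType -eq "Error" -or $_.EntryType -eq "Warning" } |
            Group-Object Source, EventID |
            Sort-Object Count -Descending |
            Select-Object -First 10 |
            Select-Object @{ Name = "Log"; Expression = { $name } },
                          Count,
                          @{ Name = "Source"; Expression = { $_.Group[0].Source } },
                          @{ Name = "EventID"; Expression = { $_.Group[0].EventID } },
                          @{ Name = "Latest"; Expression = {
                              # Most recent occurrence within this group.
                              ($_.Group |
                                  Sort-Object TimeGenerated -Descending |
                                  Select-Object -First 1).TimeGenerated
                          } }
    }
}

# Summarize the 500 newest entries of the default logs as a table.
Get-RecentEventSummary -Newest 500 | Format-Table -AutoSize
```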